Hi Kees,

0day kernel testing robot got the below dmesg and the first bad commit is

git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/mnt-restrict
commit d9df832e0cc059bc6f94ee6ea5286fdd1efac503
Author:     Kees Cook <keescook@chromium.org>
AuthorDate: Sat Sep 21 15:52:51 2013 -0700
Commit:     Kees Cook <keescook@chromium.org>
CommitDate: Tue Sep 2 14:23:48 2014 -0700

    LSM: MntRestrict blocks mounts on symlink targets
    
    On systems where certain filesystem contents cannot be entirely trusted,
    it is beneficial to block mounts on symlinks. This makes sure that
    malicious filesystem contents cannot trigger the over-mounting of trusted
    filesystems. (For example, a bind-mounted subdirectory of /var cannot be
    redirected to mount on /etc via a symlink: a daemon cannot elevate privs
    to uid-0.)
    
    Signed-off-by: Kees Cook <keescook@chromium.org>

+-------------------------------------------------------------+------------+------------+------------------+
|                                                             | 7505ceaf86 | d9df832e0c | v3.17-rc3_090307 |
+-------------------------------------------------------------+------------+------------+------------------+
| boot_successes                                              | 183        | 0          | 0                |
| boot_failures                                               | 57         | 20         | 21               |
| BUG:kernel_boot_hang                                        | 57         |            |                  |
| Kernel_panic-not_syncing:Could_not_register_security_module | 0          | 20         | 21               |
| backtrace:panic                                             | 0          | 20         | 21               |
| backtrace:mntrestrict_init                                  | 0          | 20         | 21               |
| backtrace:security_init                                     | 0          | 20         | 21               |
+-------------------------------------------------------------+------------+------------+------------------+

[    0.008000] ACPI: Core revision 20140724
[    0.009549] ACPI: All ACPI Tables successfully acquired
[    0.010749] Security Framework initialized
[    0.012012] Kernel panic - not syncing: Could not register security module
[    0.013779] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 3.17.0-rc3-00003-gd9df832 #6
[    0.016000] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[    0.016000]  0000000000000000 ffffffff81a03eb0 ffffffff81563273 ffffffff817aad75
[    0.016000]  ffffffff81a03f28 ffffffff8155e113 ffffffff00000008 ffffffff81a03f38
[    0.016000]  ffffffff81a03ed8 00000000000143c0 ffffffff81b4d998 0000000080000000
[    0.016000] Call Trace:
[    0.016000]  [<ffffffff81563273>] dump_stack+0x4e/0x7a
[    0.016000]  [<ffffffff8155e113>] panic+0xc6/0x1d8
[    0.016000]  [<ffffffff81ae197b>] mntrestrict_init+0x37/0x49
[    0.016000]  [<ffffffff81adf754>] security_init+0x3c/0x47
[    0.016000]  [<ffffffff81ac0e30>] start_kernel+0x38d/0x3c7
[    0.016000]  [<ffffffff81ac08a0>] ? set_init_arg+0x53/0x53
[    0.016000]  [<ffffffff81ac0120>] ? early_idt_handlers+0x120/0x120
[    0.016000]  [<ffffffff81ac04a2>] x86_64_start_reservations+0x2a/0x2c
[    0.016000]  [<ffffffff81ac0592>] x86_64_start_kernel+0xee/0xfb

Elapsed time: 5
qemu-system-x86_64 -cpu kvm64 -enable-kvm -kernel /kernel/x86_64-randconfig-hsxa1-09030805/d9df832e0cc059bc6f94ee6ea5286fdd1efac503/vmlinuz-3.17.0-rc3-00003-gd9df832 -append 'hung_task_panic=1 earlyprintk=ttyS0,115200 debug apic=debug sysrq_always_enabled rcupdate.rcu_cpu_stall_timeout=100 panic=-1 softlockup_panic=1 nmi_watchdog=panic oops=panic load_ramdisk=2 prompt_ramdisk=0 console=ttyS0,115200 console=tty0 vga=normal  root=/dev/ram0 rw link=/kbuild-tests/run-queue/kvm/x86_64-randconfig-hsxa1-09030805/linux-devel:devel-hourly-2014090307:d9df832e0cc059bc6f94ee6ea5286fdd1efac503:bisect-linux-6/.vmlinuz-d9df832e0cc059bc6f94ee6ea5286fdd1efac503-20140903092602-20-vp branch=linux-devel/devel-hourly-2014090307 BOOT_IMAGE=/kernel/x86_64-randconfig-hsxa1-09030805/d9df832e0cc059bc6f94ee6ea5286fdd1efac503/vmlinuz-3.17.0-rc3-00003-gd9df832 drbd.minor_count=8'  -initrd /kernel-tests/initrd/yocto-minimal-x86_64.cgz -m 320 -smp 1 -net nic,vlan=1,model=e1000 -net user,vlan=1 -boot order=nc -no-reboot -watchdog i6300esb -rtc base=localtime -drive file=/fs/LABEL=KVM/disk0-yocto-vp-25,media=disk,if=virtio -drive file=/fs/LABEL=KVM/disk1-yocto-vp-25,media=disk,if=virtio -drive file=/fs/LABEL=KVM/disk2-yocto-vp-25,media=disk,if=virtio -drive file=/fs/LABEL=KVM/disk3-yocto-vp-25,media=disk,if=virtio -drive file=/fs/LABEL=KVM/disk4-yocto-vp-25,media=disk,if=virtio -drive file=/fs/LABEL=KVM/disk5-yocto-vp-25,media=disk,if=virtio -pidfile /dev/shm/kboot/pid-yocto-vp-25 -serial file:/dev/shm/kboot/serial-yocto-vp-25 -daemonize -display none -monitor null 

git bisect start 548c845e0c12d446fbcd0cfc042b14075b7e8ca8 69e273c0b0a3c337a521d083374c918dc52c666f --
git bisect good eade7959972091def889e2e9b3f01ef254e20ac0  # 14:39     20+      0  Merge 'spi/topic/of-guard' into devel-hourly-2014090307
git bisect  bad 0b58f7b34051d9685dbce8e967014ca9e7057c76  # 14:39      0-     20  Merge 'kees/arm/ro-nx' into devel-hourly-2014090307
git bisect  bad 424e081d63cbcab953f96eb9a06a7458e6eb0645  # 14:39      0-     20  Merge 'kees/lsm/mnt-restrict' into devel-hourly-2014090307
git bisect good 241aae727b8fd58a9f4bdf4919817957f4f64152  # 14:39     20+      0  Merge 'renesas/devel' into devel-hourly-2014090307
git bisect good 4caa05c6584e62f376c5153c12d5f6de10a7571a  # 14:39     20+      0  Merge 'kvm/nsvm-fixes' into devel-hourly-2014090307
git bisect good 44a883de40cd921a99bf5e60b9fcce20b5b4c194  # 14:39     20+      0  Merge 'kees/typos' into devel-hourly-2014090307
git bisect good ea9c715254f99adc3b8a52bbc71bfcb3f329a16c  # 14:39     20+      0  Merge 'staging/staging-next' into devel-hourly-2014090307
git bisect  bad d9df832e0cc059bc6f94ee6ea5286fdd1efac503  # 14:41      0-     20  LSM: MntRestrict blocks mounts on symlink targets
# first bad commit: [d9df832e0cc059bc6f94ee6ea5286fdd1efac503] LSM: MntRestrict blocks mounts on symlink targets
git bisect good 7505ceaf863590b24a4c0c83b64817d26e0d51e3  # 14:45     60+     30  Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect  bad 548c845e0c12d446fbcd0cfc042b14075b7e8ca8  # 14:45      0-     21  0day head guard for 'devel-hourly-2014090307'
git bisect good 7505ceaf863590b24a4c0c83b64817d26e0d51e3  # 15:00     60+     57  Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
git bisect good 40e569af89a97a775e918713e2f08fa5ce5f1bb4  # 15:01     60+      0  Add linux-next specific files for 20140902


This script may reproduce the error.

----------------------------------------------------------------------------
#!/bin/bash

kernel=$1

kvm=(
	qemu-system-x86_64
	-cpu kvm64
	-enable-kvm
	-kernel $kernel
	-m 320
	-smp 1
	-net nic,vlan=1,model=e1000
	-net user,vlan=1
	-boot order=nc
	-no-reboot
	-watchdog i6300esb
	-rtc base=localtime
	-serial stdio
	-display none
	-monitor null 
)

append=(
	hung_task_panic=1
	earlyprintk=ttyS0,115200
	debug
	apic=debug
	sysrq_always_enabled
	rcupdate.rcu_cpu_stall_timeout=100
	panic=-1
	softlockup_panic=1
	nmi_watchdog=panic
	oops=panic
	load_ramdisk=2
	prompt_ramdisk=0
	console=ttyS0,115200
	console=tty0
	vga=normal
	root=/dev/ram0
	rw
	drbd.minor_count=8
)

"${kvm[@]}" --append "${append[*]}"
----------------------------------------------------------------------------

Thanks,
Fengguang